Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199524.roa
File: AS199524.roa (raw, json)
Hash identifier: 7qF2nWEmM1p9Rqi4ZN7ZubciiSVkxuz0s+JD7PwIAXI=
Subject key identifier: 32:DB:CE:14:41:E8:61:F5:93:7D:74:B7:22:4E:FD:5A:92:C4:74:2D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2D5D8CB119669555D863AD9781FD4929C0ACDE8B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199524.roa
Signing time: Wed 15 Apr 2026 16:29:10 +0000
ROA not before: Wed 15 Apr 2026 16:24:10 +0000
ROA not after: Wed 14 Apr 2027 16:29:10 +0000
asID: 199524
IP address blocks: 82.25.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:5d:8c:b1:19:66:95:55:d8:63:ad:97:81:fd:49:29:c0:ac:de:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 15 16:24:10 2026 GMT
Not After : Apr 14 16:29:10 2027 GMT
Subject: CN=32DBCE1441E861F5937D74B7224EFD5A92C4742D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:dc:04:5e:9e:19:70:71:a3:03:17:51:3b:ca:
0d:a2:5b:40:70:a8:97:c2:c6:16:00:6a:2e:67:f1:
22:ab:61:f2:c5:e6:15:fb:73:58:94:85:d2:3e:9e:
78:a7:0d:be:19:6f:4b:12:65:b5:f7:a2:6b:94:33:
cc:b7:e2:3e:b3:09:a1:fe:80:87:3b:3a:e2:f8:26:
e6:c3:0d:f8:61:3d:d0:93:d3:64:68:2a:13:48:42:
55:71:fa:21:b1:cf:52:fb:0b:14:d9:8f:79:66:f1:
bc:a9:13:37:b3:49:8a:ec:bf:af:d1:ba:e9:aa:ee:
83:d5:14:45:42:0b:f7:d8:99:e3:c8:68:1f:14:0c:
8c:d6:8b:71:00:29:b2:d0:79:e2:d8:1d:76:5e:4c:
2f:8a:75:bf:0b:11:6a:23:71:c6:90:70:3d:32:c6:
4f:83:8e:51:ea:5d:64:cb:5e:b2:f8:5d:8c:76:92:
bd:da:57:f2:e2:cf:60:63:3c:17:ef:4c:2d:9d:96:
35:0e:60:01:d3:92:a2:fe:97:6e:1f:34:a0:6c:f9:
63:9c:b7:15:70:c8:9f:be:8e:d7:4c:b1:f2:4d:bb:
d6:96:2f:41:06:b4:74:44:ee:f5:cf:95:2b:11:f3:
5b:4b:45:0b:5e:69:37:3e:25:53:16:1b:df:7a:8f:
a4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DB:CE:14:41:E8:61:F5:93:7D:74:B7:22:4E:FD:5A:92:C4:74:2D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS199524.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.36.0/24
Signature Algorithm: sha256WithRSAEncryption
09:48:65:d3:40:82:dd:ab:35:62:9c:e8:8b:74:0c:45:69:c5:
27:d3:76:9b:3f:e2:0c:6c:fc:f6:ca:b8:dd:bc:ed:cb:c8:fc:
a6:b5:8e:ad:5b:94:00:4f:95:62:7b:8c:8f:b0:fa:81:3b:03:
b0:57:1b:46:a6:68:48:b3:99:eb:1d:58:f3:92:74:11:0a:ce:
1c:b4:65:e4:2c:46:93:14:37:ef:57:8d:28:0f:3c:04:9f:29:
e9:86:20:89:43:4a:3e:30:c2:73:ec:4b:88:ef:00:eb:00:cd:
f2:77:a6:a5:bb:4a:21:c4:85:54:7c:aa:8c:02:62:98:43:ca:
34:a2:26:87:f8:05:f4:b9:f3:63:bf:40:7a:12:e0:d6:7b:df:
79:08:c1:08:5c:5c:72:09:15:c3:93:05:9b:f9:68:7f:83:71:
21:cb:53:92:4e:44:da:69:7a:65:ac:0a:6f:f3:64:d4:34:94:
1e:f4:32:9e:8c:7a:95:de:67:62:17:fb:77:7c:77:0b:04:0d:
15:bb:0e:9b:37:a4:40:56:be:90:c6:29:61:0b:08:f3:ef:e0:
73:44:4d:93:f0:4b:cf:f5:ea:5f:6b:da:d0:da:98:c4:4f:a0:
c4:4a:e3:c6:03:c2:51:5e:af:0a:08:12:40:5a:ca:91:de:e3:
e0:1b:3a:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIULV2MsRlmlVXYY62Xgf1JKcCs3oswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MTUxNjI0MTBaFw0yNzA0MTQxNjI5MTBaMDMxMTAvBgNV
BAMTKDMyREJDRTE0NDFFODYxRjU5MzdENzRCNzIyNEVGRDVBOTJDNDc0MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv3ARenhlwcaMDF1E7yg2iW0Bw
qJfCxhYAai5n8SKrYfLF5hX7c1iUhdI+nninDb4Zb0sSZbX3omuUM8y34j6zCaH+
gIc7OuL4JubDDfhhPdCT02RoKhNIQlVx+iGxz1L7CxTZj3lm8bypEzezSYrsv6/R
uumq7oPVFEVCC/fYmePIaB8UDIzWi3EAKbLQeeLYHXZeTC+Kdb8LEWojccaQcD0y
xk+DjlHqXWTLXrL4XYx2kr3aV/Liz2BjPBfvTC2dljUOYAHTkqL+l24fNKBs+WOc
txVwyJ++jtdMsfJNu9aWL0EGtHRE7vXPlSsR81tLRQteaTc+JVMWG996j6TXAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUMtvOFEHoYfWTfXS3Ik79WpLEdC0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTk5NTI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhkk
MA0GCSqGSIb3DQEBCwUAA4IBAQAJSGXTQILdqzVinOiLdAxFacUn03abP+IMbPz2
yrjdvO3LyPymtY6tW5QAT5Vie4yPsPqBOwOwVxtGpmhIs5nrHVjzknQRCs4ctGXk
LEaTFDfvV40oDzwEnynphiCJQ0o+MMJz7EuI7wDrAM3yd6alu0ohxIVUfKqMAmKY
Q8o0oiaH+AX0ufNjv0B6EuDWe995CMEIXFxyCRXDkwWb+Wh/g3Ehy1OSTkTaaXpl
rApv82TUNJQe9DKejHqV3mdiF/t3fHcLBA0Vuw6bN6RAVr6QxilhCwjz7+BzRE2T
8EvP9epfa9rQ2pjET6DESuPGA8JRXq8KCBJAWsqR3uPgGzq6
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:56:13 2026 by rpki-client